Skip to content

Exceptions on HEAD and OPTIONS requests to the IDP #1400

New issue
New issue
Closed
Closed
Exceptions on HEAD and OPTIONS requests to the IDP#1400
Labels
buglow
@ghost

Description

@ghost
ghost
opened on Nov 12, 2020

Describe the bug
When a client (noticed Firefox, Chrome, Edge and Word in the logs) sends an OPTIONS or HEAD request, SSP throws an unhandled Exception and the server then returns status 500. In a quick look I couldn't find methods OPTIONS/HEAD in the source nor an existing issue.

To Reproduce
Steps to reproduce the behavior:

  1. I've seen the exceptions on a real server, but wasn't able to trigger them myself in a standard login-ish way
  2. But one probably can come close enough with curl
  3. curl -Iv -L https://site/some-sp-protected-app
  4. The trace looks pretty similar

Expected behavior
Not quite sure what to expect in a standardized way, but not running into 500 would be a start.

Screenshots or logs
Trace from a production server with site/path redacted

simplesamlphp-idp WARNING [cfc72b4cab] Request method: 'OPTIONS', referer: https://site/
simplesamlphp-idp WARNING [cfc72b4cab] GET parameters: 'SAMLRequest', 'RelayState', referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] SimpleSAML\\Error\\Error: UNHANDLEDEXCEPTION, referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] Backtrace:, referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] 1 simplesamlphp/simplesamlphp/www/_include.php:17 (SimpleSAML_exception_handler), referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] 0 [builtin] (N/A), referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] Caused by: Exception: Unable to find the SAML 2 binding used for this request., referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] Backtrace:, referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] 2 simplesamlphp/saml2/src/SAML2/Binding.php:107 (SAML2\\Binding::getCurrentBinding), referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] 1 simplesamlphp/simplesamlphp/modules/saml/lib/IdP/SAML2.php:357 (SimpleSAML\\Module\\saml\\IdP\\SAML2::receiveAuthnRequest), referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] 0 simplesamlphp/simplesamlphp/www/saml2/idp/SSOService.php:21 (N/A), referer: https://site/
simplesamlphp-idp ERR [cfc72b4cab] Error report with id 45d1887a generated., referer: https://site/

Additional context
simplesamlphp/saml2 v4.1.10
simplesamlphp/simplesamlphp v1.18.8

Metadata

Metadata

Assignees

No one assigned

    Labels

    buglow

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions